Undeletable, persistent viruses... (with HijackThis report).

Tags:
  • Security
30 October 2010 08:01:27

Hello everyone,

I've come to ask for your help with a recurring virus problem. I'm on Windows XP Service Pack 3. Several days ago I caught a Trojan horse and a series of other malware. I tried to fix all this on my own but in vain; I ran a full scan with MBAM in safe mode.
To begin with, I couldn't update MBAM because of an error, surely a piece of malware that must have been preventing it. Once the scan was finished, during removal it told me that it couldn't delete everything... I was then able to update it, but I haven't tried.

Currently my antivirus, which is Antivir, still reports the presence of viruses.

Lots of things are happening:

- Untimely disconnections

- My Windows interface sometimes takes on, particularly at the toolbar, the look of Windows 98; sometimes it flips between Windows XP and 98 with awful white spaces.

- Some sites I had no problem with before are accessible only some of the time, one time out of two, with a blank page loading and claiming to be waiting on "Google Analytics". (I just edited, I had forgotten this item.)

- The system lags more often.

- One of the most problematic: my audio devices and sound card are not detected (yet they are up to date, under Dxdiag they work, etc.). Sometimes they work and sometimes they stop suddenly; I have to restart the computer or use the services.msc command and start the Windows Audio service manually. That had never happened to me until now.
But the most annoying thing is that the audio balance is completely off! I must have 95% of the sound on the right and only 5% on the left; I tried looking at the audio settings but the balances are perfectly set and proportioned...

So there you go, thanks for your help. Without further ado, here is the report I just ran with HijackThis, in normal mode (I can also provide my old MBAM report if needed):


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:32:03, on 30/10/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Orange\Connexion Internet Orange\systray\systrayapp.exe
C:\Program Files\Orange\Connexion Internet Orange\connectivity\connectivitymanager.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\CoreCom.exe
C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\OraConfigRecover.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Mes documents\Téléchargements\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr/r/Ohome_accueil?ref=O_toolbar32_hook...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://configuration.adsl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\YouTube Downloader Toolbar\SearchSettings.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\YouTube Downloader Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Veoh Video Compass - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\YouTube Downloader Toolbar\SearchSettings.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [MailNotifier] C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files\ManyCam\Bin\ManyCam.exe" /silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: BDARemote.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - http://webtv.guidetv.orange.fr/resources/OCS_9418.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: cryptnet32 - cryptnet32.dll (file missing)
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)

--
End of file - 12652 bytes

30 October 2010 09:06:49

Hello,

I'd like to see the MBAM report.

  • Download Ad-Remover (by C_XX) to your Desktop.
  • Disconnect and close all running applications.
  • Double-click AD-R on your Desktop to launch it.
  • Choose Nettoyer (Clean), then confirm.
  • Post the report that appears at the end (C:\Ad-Report-CLEAN.log).

    (CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)
    30 October 2010 09:34:46

    Hello,

    Here is the MBAM report; it had told me that it had not been able to delete everything. I'm running Ad-Remover and will post its report shortly:

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 4052

    Windows 5.1.2600 Service Pack 3 (Safe Mode)
    Internet Explorer 8.0.6001.18702

    26/10/2010 14:17:29
    mbam-log-2010-10-26 (14-17-29).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 339422
    Temps écoulé: 4 heure(s), 9 minute(s), 4 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 1
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 3
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\cryptnet32.dll (Trojan.Tracur) -> Delete on reboot.

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.249,93.188.160.249 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{a7a0f9cd-4a8e-4228-b269-848308bb01f8}\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.249,93.188.160.249 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f211bd65-6b05-4ca8-85cc-5ddfc3b31f74}\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.249,93.188.160.249 -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\cryptnet32.dll (Trojan.Tracur) -> Delete on reboot.
    C:\WINDOWS\system32\crt.dat (Malware.Trace) -> Quarantined and deleted successfully.

    30 October 2010 09:55:59

    The Ad-Remover report:

    ======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======

    Mis à jour par TeamXscript le 25/10/10 à 11:40
    Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
    Site web: http://www.teamxscript.org

    C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 09:37:42 le 30/10/2010, Mode normal

    Microsoft Windows XP Professionnel Service Pack 3 (X86)
    HP_Administrateur@NOM-FB9B15D2723 ( )

    ============== ACTION(S) ==============

    Service: "Application Updater" Stoppé et supprimé

    Fichier supprimé: C:\Program Files\Mozilla Firefox\extensions\searchsettings@spigot.com
    Fichier supprimé: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
    Dossier supprimé: C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Mozilla\FireFox\Profiles\swse1aww.default\extensions\toolbar@ask.com
    Dossier supprimé: C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Application Data\AskToolbar
    Dossier supprimé: C:\Program Files\Application Updater
    Dossier supprimé: C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Search Settings

    (!) -- Fichiers temporaires supprimés.


    -- Fichier ouvert: C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Mozilla\FireFox\Profiles\swse1aww.default\Prefs.js --
    Ligne supprimée:
    Ligne supprimée:
    Ligne supprimée: user_pref("extensions.asktb.cbid", "NL");
    Ligne supprimée: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&...
    Ligne supprimée: user_pref("extensions.asktb.dtid", "YYYYYYYYFR");
    Ligne supprimée: user_pref("extensions.asktb.fresh-install", false);
    Ligne supprimée: user_pref("extensions.asktb.l", "dis");
    Ligne supprimée: user_pref("extensions.asktb.last-config-req", "1288330862972");
    Ligne supprimée: user_pref("extensions.asktb.locale", "fr_FR");
    Ligne supprimée: user_pref("extensions.asktb.o", "14300");
    Ligne supprimée: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
    Ligne supprimée: user_pref("extensions.asktb.qsrc", "2871");
    Ligne supprimée: user_pref("extensions.asktb.r", "6");
    Ligne supprimée: user_pref("extensions.asktb.search-suggestions-enabled", true);
    Ligne supprimée: user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,jqs@sun.com:1.0,...
    -- Fichier Fermé --


    Clé supprimée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Clé supprimée: HKLM\Software\Classes\CLSID\{47C6C527-6204-4F91-849D-66E234DEE015}
    Clé supprimée: HKLM\Software\Classes\CLSID\{9461b922-3c5a-11d2-bf8b-00c04fb93661}
    Clé supprimée: HKLM\Software\Classes\CLSID\{B791A095-A4AC-4312-8894-5B7E8FF5B3CD}
    Clé supprimée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Clé supprimée: HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    Clé supprimée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Clé supprimée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Clé supprimée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Clé supprimée: HKLM\Software\Classes\TypeLib\{ECA4E801-17AE-4863-9F5C-AF4047AABEE0}
    Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd
    Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1
    Clé supprimée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL
    Clé supprimée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Clé supprimée: HKLM\Software\Application Updater
    Clé supprimée: HKLM\Software\Conduit
    Clé supprimée: HKLM\Software\Search Settings
    Clé supprimée: HKCU\Software\Ask.com
    Clé supprimée: HKCU\Software\AskToolbar
    Clé supprimée: HKCU\Software\Conduit
    Clé supprimée: HKCU\Software\Search Settings
    Clé supprimée: HKCU\Software\AppDataLow\AskToolbarInfo
    Clé supprimée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings

    Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings
    Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
    Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}
    Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


    ============== SCAN ADDITIONNEL ==============

    ** Mozilla Firefox Version [3.6.12 (fr)] **

    -- C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Mozilla\FireFox\Profiles\swse1aww.default\Prefs.js --
    browser.download.lastDir, C:\\Documents and Settings\\HP_Administrateur.NOM-FB9B15D2723\\Bureau
    browser.startup.homepage, hxxp://www.google.fr/
    browser.startup.homepage_override.mstone, rv:1.9.2.12
    keyword.URL, hxxp://r.orange.fr/r?ref=O_toolbar32_hook_syntaxError&url=http%3A//rws.search.ke.voila.fr/RW/A/O_toolbar31?...

    ========================================

    ** Internet Explorer Version [8.0.6001.18702] **

    [HKCU\Software\Microsoft\Internet Explorer\Main]
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Do404Search: 0x01000000
    Enable Browser Extensions: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Show_ToolBar: yes
    Start Page: hxxp://fr.msn.com/

    [HKLM\Software\Microsoft\Internet Explorer\Main]
    Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\WINDOWS\system32\blank.htm
    Search bar: hxxp://search.msn.com/spbasic.htm
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/

    [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
    Tabs: res://ieframe.dll/tabswelcome.htm
    Blank: res://mshtml.dll/blank.htm

    ========================================

    C:\Program Files\Ad-Remover\Quarantine: 165 Fichier(s)
    C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

    C:\Ad-Report-CLEAN[1].txt - 30/10/2010 (2392 Octet(s))

    Fin à: 09:39:04, 30/10/2010

    ============== E.O.F ==============
    30 October 2010 20:27:05

  • Run Ad-Remover again and choose Désinstaller (Uninstall).

    Have you run another scan with an up-to-date MBAM?
    31 October 2010 07:01:19

    Hello, I have uninstalled it.

    Here is the Antivir alert for the main virus in question, which I received once again yesterday:

    "Dans le fichier 'C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP279\A0301467.dll'
    un virus ou un programme indésirable 'TR/Lukicsel.G.1' [trojan] a été détecté."

    And just now, while starting my computer, I received a new Antivir alert for another virus:

    "C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\AntiVirus 2010\taskmgr.dll'
    un virus ou un programme indésirable 'TR/Crypt.ZPACK.Gen' [trojan] a été détecté.
    Action exécutée : Déplacer le fichier en quarantaine"

    I'm also getting alerts from supposed virus protection tools, from a supposed fake antivirus called "Antivirus 2010" or something like that.

    I'm running a full scan with an up-to-date MBAM in safe mode and will post the report.
    31 October 2010 11:36:37

    Back again, here is the MBAM report after the scan:

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Version de la base de données: 5004

    Windows 5.1.2600 Service Pack 3 (Safe Mode)
    Internet Explorer 8.0.6001.18702

    31/10/2010 11:22:56
    mbam-log-2010-10-31 (11-22-56).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 363143
    Temps écoulé: 4 heure(s), 9 minute(s), 25 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 6
    Valeur(s) du Registre infectée(s): 7
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 2
    Fichier(s) infecté(s): 18

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\AntiVirus 2010 (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\AntiVirus 2010 (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\9nahweuwvobn (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus 2010 (Rogue.AntiVirusStudio2010) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\0.6807690190969035 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reportingmicrosoft (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reportingdwintl20 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\YouTube Downloader Toolbar\FF\components\youtubedownloaderToolbarFF.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Menu Démarrer\Programmes\AntiVirus 2010 (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\AntiVirus 2010 (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temp\m.210.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\AntiVirus 2010\AntiVirus_Studio_2010.exe (Rogue.AntiVirusStudio2010) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temp\0.6807690190969035.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    c:\program files\fichiers communs\microsoft shared\DW\1081\reportingdwintl20.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\AntiVirus 2010\securityhelper.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Local Settings\Temp\0.33088679052329706.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\Electronic Arts\EADM\EADMEADMInstaller.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\QuickTime\PictureViewer.Resources\it.lproj\QuickTimeQuickTime7.6.6.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    C:\Program Files\YouTube Downloader Toolbar\WidgiHelper.exe (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
    C:\Program Files\YouTube Downloader Toolbar\FF\components\youtubedownloaderToolbarFF.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
    C:\Program Files\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\spool\prtprocs\w32x86\sKU5m.dll (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Menu Démarrer\Programmes\AntiVirus 2010\Activate AntiVirus 2010.lnk (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Menu Démarrer\Programmes\AntiVirus 2010\AntiVirus 2010.lnk (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Menu Démarrer\Programmes\AntiVirus 2010\Help AntiVirus 2010.lnk (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Menu Démarrer\Programmes\AntiVirus 2010\How to Activate AntiVirus 2010.lnk (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\shimg.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723\Menu Démarrer\Programmes\AntiVirus 2010.lnk (Rogue.AntiVirus2010) -> Quarantined and deleted successfully.
    31 October 2010 13:08:55

    I still have the toolbar glitches and the audio problem; apparently it is due to the Generic Host Process for Win32 Services error, which I get often but did not have before these viruses.

    So I tried some solutions I had seen, which I should not have done... I disabled the DNS Client via Services.msc, but without success, then Ad-Remover, then a system repair with sfc /scannow via Run.

    During the system repair, some files were not recognized and some were replaced; I was asked to insert the Windows Service Pack 3 CD. I did not know such a CD existed, since I downloaded Service Pack 3 for free and legally from Windows Update.

    And then, disaster... After the reboot, the interface is awful: everything is resized, at one of the lowest resolutions. In the display properties and options it is impossible to change the resolution, pixels or colours; it is fixed at the lowest setting and no other options are available.
    I am panicking, I do not know what to do.

    Here is what it looks like, with the errors:

    http://img442.imageshack.us/img442/5453/erreur01.jpg

    http://img255.imageshack.us/img255/5014/erreur02.jpg
    31 October 2010 21:27:17

    It is a driver problem.

    To find out a bit more about your configuration, do the following:

  • Download and install Everest Ultimate.
  • Launch it, go to Ordinateur (Computer) then Résumé (Summary), and give me the summary. To capture the summary, use the Rapport (Report) function at the top of your screen.

    PS: remove your e-mail address if it appears in the report.
    1 November 2010 08:28:01

    Hello, thanks again for your help, here is the report:

    --------[ EVEREST Ultimate Edition ]------------------------------------------------------------------------------------

    Version EVEREST v4.50.1330/fr
    Module de benchmark 2.3.224.0
    Site web http://www.lavalys.com/
    Type de rapport Rapport rapide [ TRIAL VERSION ]
    Ordinateur NOM-FB9B15D2723
    Générateur HP_Administrateur
    Système d'exploitation Microsoft Windows XP Media Center Edition 5.1.2600 (WinXP Retail)
    Date 2010-11-01
    Heure 08:17


    --------[ Résumé ]------------------------------------------------------------------------------------------------------

    Ordinateur:
    Type de système PC multiprocesseur ACPI
    Système d'exploitation Microsoft Windows XP Media Center Edition
    Service Pack du système [ TRIAL VERSION ]
    Internet Explorer 8.0.6001.18702
    DirectX 4.09.00.0904 (DirectX 9.0c)
    Nom du système NOM-FB9B15D2723
    Nom de l'utilisateur HP_Administrateur
    Domaine de connexion [ TRIAL VERSION ]
    Date / Heure 2010-11-01 / 08:17

    Carte mère:
    Type de processeur DualCore AMD Athlon 64 X2, 2000 MHz (10 x 200) 3800+
    Nom de la carte mère MSI Amethyst-M
    Chipset de la carte mère ATI Radeon Xpress 200/1100/1150, AMD Hammer
    Mémoire système [ TRIAL VERSION ]
    DIMM1: Micron Tech. 16VDDT6464AY-40BG6 512 Mo PC3200 DDR SDRAM (3.0-3-3-8 @ 200 MHz) (2.5-3-3-7 @ 166 MHz) (2.0-2-2-6 @ 133 MHz)
    DIMM2: Micron Tech. 16VDDT6464AY-40BG6 [ TRIAL VERSION ]
    Type de BIOS Award (01/12/06)
    Port de communication Port imprimante ECP (LPT1)

    Moniteur:
    Carte vidéo Radeon X1300/X1550 Series Secondary (256 Mo)
    Carte vidéo Radeon X1300/X1550 Series (256 Mo)
    Accélérateur 3D ATI Radeon X1300 LE / X1550 (RV515)
    Moniteur HP VS19 [19" LCD] (CNC551240R)

    Multimédia:
    Carte audio Realtek ALC658 @ ATI SB400 - AC'97 Audio Controller

    Stockage:
    Contrôleur IDE Contrôleur IDE standard double canal PCI
    Contrôleur IDE Contrôleur IDE standard double canal PCI
    Contrôleur de stockage ASANRDAZ IDE Controller
    Disque dur Generic USB CF Reader USB Device
    Disque dur Generic USB MS Reader USB Device
    Disque dur Generic USB SD Reader USB Device
    Disque dur Generic USB SM Reader USB Device
    Lecteur optique LEV 7KDMB8X2VGL SCSI CdRom Device
    Lecteur optique TSSTcorp CD/DVDW TS-H552D (DVD+R9:2.4x, DVD+RW:16x/4x, DVD-RW:12x/4x, DVD-ROM:16x, CD:40x/32x/48x DVD+RW/DVD-RW)
    État des disques durs SMART Inconnu

    Partitions:
    C: (NTFS) [ TRIAL VERSION ]
    D: (FAT32) 7162 Mo (1779 Mo libre)
    Taille totale [ TRIAL VERSION ]

    Entrée:
    Clavier HP PS2 Keyboard (2K - 3)
    Souris Souris HID

    Réseau:
    Adresse IP principale [ TRIAL VERSION ]
    Adresse MAC principale 00-18-E7-80-E1-77
    Carte réseau Realtek RTL8139/810x Family Fast Ethernet NIC
    Carte réseau TG123g USB Wireless Adapter (192. [ TRIAL VERSION ])

    Périphériques:
    Imprimante Fax
    Imprimante HP Photosmart 3200 series
    Imprimante HP remote printers
    Imprimante Microsoft XPS Document Writer
    Contrôleur FireWire VIA VT6307 Fire IIM IEEE1394 Host Controller (PHY: VIA VT6307)
    Contrôleur USB1 ATI SB400 - USB Controller
    Contrôleur USB1 ATI SB400 - USB Controller
    Contrôleur USB2 ATI SB400 - USB 2.0 Controller
    Périphérique USB Périphérique de stockage de masse USB
    Périphérique USB Périphérique d'interface utilisateur USB
    Périphérique USB TG123g USB Wireless Adapter

    DMI:
    Distributeur du BIOS Phoenix Technologies, LTD
    Version du BIOS 3.43
    Fabricant du système HP Pavilion 061
    Nom du système EP239AA-ABF m7355.fr
    Version du système 0qm0114RE101AMETM00
    Numéro de série du système [ TRIAL VERSION ]
    UUID du système [ TRIAL VERSION ]
    Fabricant de la carte mère MSI
    Nom de la carte mère AMETHYST-M
    Version de la carte mère 1.0
    Numéro de série de la carte mère [ TRIAL VERSION ]
    Fabricant du châssis Hewlett-Packard
    Version du châssis
    Numéro de série du châssis [ TRIAL VERSION ]
    Identifiant du châssis [ TRIAL VERSION ]
    Type du châssis Desktop Case
    Sockets mémoire (Total/Libres) 4 / 2


    --------[ Debug - PCI ]-------------------------------------------------------------------------------------------------


    --------[ Debug - Video BIOS ]------------------------------------------------------------------------------------------



    ------------------------------------------------------------------------------------------------------------------------

    The names of actual companies and products mentioned herein may be the trademarks
    1 November 2010 22:24:28

    Good evening, thank you.

    Everything is back to normal as far as resolution and interface go.
    However, on the audio side I still have the balance problem, with almost more than 90% of the sound on the right, and I still get the Generic Host Process for Win32 Services error.

    Also, today I didn't browse much and I received a new virus threat alert from Antivir, here it is:

    "Dans le fichier 'C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP285\A0321583.dll'
    un virus ou un programme indésirable 'TR/Alureon.EC.79' [trojan] a été détecté."
    1 November 2010 23:17:15

  • Run MBAM again, go to Quarantine and delete everything.

    /!\ Disable your resident protections (antivirus, etc.) /!\

  • Download ComboFix (sUBs) to your Desktop.

  • Double-click ComboFix.exe (the .exe may not be visible) to launch it.

  • Answer Yes to the warning message so that ComboFix starts scanning your PC.

  • It will ask you to install the Recovery Console: accept.

  • When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

    To help you: a guide and a tutorial on using ComboFix
    2 November 2010 22:06:35

    Good evening, ComboFix ran and completed successfully.

    It detected the presence of a rootkit in C:\WINDOWS\system32\Drivers\sptd.sys

    However, the report appeared and my computer crashed, so I have no idea where this report is.
    3 November 2010 01:51:36

    The report is at the root of your hard drive (in C:\).
    3 November 2010 08:40:35

    Hello, thank you, here is the report (I tried several times to disable the smilies by editing but I didn't succeed, I hope it is still understandable):


    ComboFix 10-11-01.05 - HP_Administrateur 02/11/2010 21:05:34.1.2 - x86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.632 [GMT 1:00]
    Lancé depuis: c:\documents and settings\HP_Administrateur.NOM-FB9B15D2723\Bureau\ComboFix.exe
    AV: AntiVir Desktop *On-access scanning enabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\program files\sFX
    c:\program files\WinPCap
    c:\program files\WinPCap\rpcapd.exe
    c:\windows\run.log
    c:\windows\ST6UNST.000

    Une copie infectée de c:\windows\system32\Drivers\sptd.sys a été trouvée et désinfectée
    Copie restaurée à partir de - Kitty ate it :p 
    Une copie infectée de c:\windows\system32\Drivers\sptd.sys a été trouvée et désinfectée
    Copie restaurée à partir de - Kitty had a snack :p 
    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2010-10-02 au 2010-11-02 ))))))))))))))))))))))))))))))))))))
    .

    2010-11-01 21:06 . 2006-08-01 14:02 49152 ----a-w- c:\windows\system32\ChCfg.exe
    2010-11-01 07:15 . 2010-11-01 07:15 -------- d-----w- c:\program files\Lavalys
    2010-10-31 11:26 . 2010-10-31 11:26 -------- d-----w- c:\program files\Ad-Remover
    2010-10-31 11:19 . 2008-04-14 03:33 116736 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
    2010-10-31 11:19 . 2001-08-23 16:47 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
    2010-10-31 11:19 . 2008-04-14 03:33 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
    2010-10-31 11:19 . 2001-08-23 16:47 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
    2010-10-31 11:19 . 2001-08-23 16:47 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
    2010-10-31 11:19 . 2001-08-23 16:47 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
    2010-10-31 11:19 . 2001-08-17 19:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
    2010-10-31 11:18 . 2004-08-03 22:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
    2010-10-31 11:18 . 2004-08-03 22:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
    2010-10-31 11:18 . 2008-04-14 03:33 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
    2010-10-31 11:18 . 2008-04-13 19:36 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
    2010-10-31 11:18 . 2004-08-03 22:31 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
    2010-10-31 11:16 . 2001-08-17 20:28 604253 ----a-w- c:\windows\system32\dllcache\vmodem.sys
    2010-10-31 11:15 . 2001-08-23 16:47 70144 ----a-w- c:\windows\system32\dllcache\umaxu12.dll
    2010-10-31 11:14 . 2001-08-23 16:46 43520 ----a-w- c:\windows\system32\dllcache\tp4res.dll
    2010-10-31 11:13 . 2001-08-17 21:07 32640 ----a-w- c:\windows\system32\dllcache\symc8xx.sys
    2010-10-31 11:12 . 2001-08-23 16:47 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll
    2010-10-31 11:11 . 2001-08-23 16:47 45568 ----a-w- c:\windows\system32\dllcache\smb3w.dll
    2010-10-31 11:10 . 2001-08-17 19:51 98080 ----a-w- c:\windows\system32\dllcache\sgiulnt5.sys
    2010-10-31 11:09 . 2001-08-23 16:46 179264 ----a-w- c:\windows\system32\dllcache\s3sav3d.dll
    2010-10-31 11:08 . 2001-08-17 20:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys
    2010-10-31 11:07 . 2001-08-17 20:53 7168 ----a-w- c:\windows\system32\dllcache\pnrmc.sys
    2010-10-31 11:06 . 2001-08-23 16:47 42496 ----a-w- c:\windows\system32\dllcache\ovui2rc.dll
    2010-10-31 11:05 . 2001-08-17 19:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
    2010-10-31 11:04 . 2001-08-17 19:50 33088 ----a-w- c:\windows\system32\dllcache\n9i128v2.sys
    2010-10-31 11:03 . 2001-08-17 20:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
    2010-10-31 11:02 . 2001-08-17 19:49 22848 ----a-w- c:\windows\system32\dllcache\lwusbhid.sys
    2010-10-31 11:01 . 2001-08-17 20:49 26624 ----a-w- c:\windows\system32\dllcache\irstusb.sys
    2010-10-31 11:00 . 2001-08-17 19:12 109085 ----a-w- c:\windows\system32\dllcache\ibmtrp.sys
    2010-10-31 10:59 . 2001-08-17 20:52 5760 ----a-w- c:\windows\system32\dllcache\hpt4qic.sys
    2010-10-31 10:58 . 2001-08-17 19:15 454912 ----a-w- c:\windows\system32\dllcache\fxusbase.sys
    2010-10-31 10:57 . 2001-08-17 19:19 72192 ----a-w- c:\windows\system32\dllcache\es1969.sys
    2010-10-31 10:56 . 2008-04-13 19:39 206976 ----a-w- c:\windows\system32\dllcache\dot4.sys
    2010-10-31 10:55 . 2004-08-03 22:32 48640 ----a-w- c:\windows\system32\dllcache\cwrwdm.sys
    2010-10-31 10:54 . 2001-08-23 16:02 14080 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
    2010-10-31 10:53 . 2001-08-17 20:52 22400 ----a-w- c:\windows\system32\dllcache\asc3350p.sys
    2010-10-31 10:50 . 2001-08-23 16:46 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
    2010-10-29 05:28 . 2010-10-29 05:28 -------- d-----w- C:\dad6f7f8131c70e72f755a
    2010-10-29 05:28 . 2010-10-29 05:28 -------- d-----w- C:\d495894268023df576850f2c27
    2010-10-28 05:38 . 2010-10-28 05:40 -------- d-----w- c:\documents and settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\TeamViewer
    2010-10-28 05:38 . 2010-10-28 05:38 -------- d-----w- c:\program files\TeamViewer
    2010-10-28 01:55 . 2010-10-28 01:55 -------- d-----w- C:\51d0ad7516ec80629e91
    2010-10-28 01:55 . 2010-10-28 01:55 -------- d-----w- C:\8c9cb3e37601f4bc8865223d93
    2010-10-22 05:35 . 1998-06-23 23:00 164144 ----a-w- c:\windows\system32\COMCT232.OCX
    2010-10-22 05:35 . 2005-03-11 16:37 1986560 ----a-w- c:\windows\system32\AudFile.dll
    2010-10-22 05:35 . 2005-03-10 15:00 454656 ----a-w- c:\windows\system32\AudioRecord.dll
    2010-10-22 05:35 . 2005-02-24 14:21 458752 ----a-w- c:\windows\system32\AudPlayer.dll
    2010-10-22 05:35 . 2005-02-24 11:11 479232 ----a-w- c:\windows\system32\AudioVisu.dll
    2010-10-22 05:35 . 2005-02-24 11:11 1212416 ----a-w- c:\windows\system32\AudioInfos.dll
    2010-10-22 05:35 . 2005-02-24 11:10 417792 ----a-w- c:\windows\system32\AudDisplay.dll
    2010-10-22 05:35 . 2005-02-24 11:10 2084864 ----a-w- c:\windows\system32\AudDesign.dll
    2010-10-22 05:35 . 1998-07-12 22:00 21504 ----a-w- c:\windows\system32\TABCTFR.DLL
    2010-10-22 05:35 . 1998-07-12 22:00 141312 ----a-w- c:\windows\system32\MSCMCFR.DLL
    2010-10-22 05:35 . 2010-10-22 05:35 -------- d-----w- c:\documents and settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\FreeAudioPack
    2010-10-21 21:36 . 2010-10-28 23:40 -------- d-----w- c:\documents and settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\skypePM
    2010-10-21 21:29 . 2010-10-21 21:29 -------- d-----w- c:\program files\Fichiers communs\Skype
    2010-10-21 21:29 . 2010-10-21 21:30 -------- d-----r- c:\program files\Skype
    2010-10-21 21:29 . 2010-11-02 01:09 -------- d-----w- c:\documents and settings\HP_Administrateur.NOM-FB9B15D2723\Application Data\Skype
    2010-10-21 21:29 . 2010-10-21 21:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
    2010-10-21 18:12 . 2010-10-21 18:12 -------- d-----w- c:\documents and settings\NetworkService\Application Data\AdobeUM
    2010-10-15 17:53 . 2010-10-15 17:53 -------- d-----w- C:\temp

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-08-17 13:17 . 2004-08-10 19:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
    2010-04-10 17:26 . 2008-12-17 10:02 278528 ----a-w- c:\program files\Fichiers communs\FDEUnInstaller.exe
    2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll
    2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll
    2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
    "EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-03-28 3325952]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
    "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2010-04-28 2633976]
    "MailNotifier"="c:\program files\Orange\MailNotifier\MailNotifier.exe" [2009-08-04 684032]
    "ManyCam"="c:\program files\ManyCam\Bin\ManyCam.exe" [2010-06-24 1680680]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
    "ftutil2"="ftutil2.dll" [2004-06-07 106496]
    "AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 77312]
    "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-01-11 246504]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
    "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344]
    "HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
    "KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
    "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
    "PCDrProfiler"="" [BU]
    "PS2"="c:\windows\system32\ps2.exe" [2004-10-25 90112]
    "Reminder"="c:\windows\Creator\Remind_XP.exe" [2004-12-14 663552]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
    "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-17 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]
    "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-01-02 180269]
    "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]
    "ORAHSSSessionManager"="c:\program files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe" [2009-08-03 135920]
    "SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]

    c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
    BDARemote.lnk - c:\program files\USB TV\EM28XX\BDARemote.exe [2010-6-27 81997]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]
    WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2010-2-22 495432]

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\iTunes\\iTunes.exe"=
    "c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
    "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\World of Warcraft\\Launcher.exe"=
    "c:\\Documents and Settings\\HP_Administrateur.NOM-FB9B15D2723\\Bureau\\Left 4 Dead 2\\Left 4 Dead 2.0.0.6 - Full FR - HamachiFrance\\srcds.exe"=
    "c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
    "c:\\Documents and Settings\\HP_Administrateur.NOM-FB9B15D2723\\Bureau\\Left 4 Dead 2\\Left 4 Dead 2.0.0.6 - Full FR - HamachiFrance\\left4dead2.exe"=
    "c:\\Program Files\\Orange\\Connexion Internet Orange\\Connectivity\\ConnectivityManager.exe"=
    "c:\\Program Files\\World of Warcraft\\Repair.exe"=
    "c:\\Program Files\\LittleFighter2\\LF2_v2.0a\\lf2.exe"=
    "c:\\Program Files\\adslTV\\adsltv.exe"=
    "c:\\Program Files\\adslTV\\VLC\\vlc.exe"=
    "c:\\Program Files\\Microsoft Games\\Halo Trial\\halo.exe"=

    R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [09/06/2010 19:12 691696]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [14/02/2010 18:41 108289]
    R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [02/01/2005 16:47 2799488]
    R3 RTL8187B;TG123g USB Wireless Adapter;c:\windows\system32\drivers\RTL8187B.sys [29/07/2010 18:43 264576]
    R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [06/04/2009 12:19 23064]
    S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [01/11/2010 08:15 23152]
    S3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [20/06/2005 10:12 215040]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe --> c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]
    .
    Contenu du dossier 'Tâches planifiées'

    2010-10-18 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]

    2010-09-15 c:\windows\Tasks\debutDowngrade.job
    - c:\program files\NCH Software\Debut\debut.exe [2010-08-11 21:29]

    2010-10-03 c:\windows\Tasks\debutShakeIcon.job
    - c:\program files\NCH Software\Debut\debut.exe [2010-08-11 21:29]

    2010-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-07 23:23]

    2010-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-07 23:23]

    2010-10-22 c:\windows\Tasks\prismDowngrade.job
    - c:\program files\NCH Software\Prism\prism.exe [2010-08-11 21:14]

    2010-10-22 c:\windows\Tasks\prismShakeIcon.job
    - c:\program files\NCH Software\Prism\prism.exe [2010-08-11 21:14]
    .
    .
    ------- Examen supplémentaire -------
    .
    uInternet Connection Wizard,ShellNext = hxxp://configuration.adsl/
    IE: &Traduire à partir de l'anglais - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
    IE: Pages liées - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
    IE: Pages similaires - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
    IE: Recherche &Google - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
    IE: Version de la page actuelle disponible dans le cache Google - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
    DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} - hxxp://webtv.guidetv.orange.fr/resources/OCS_9418.cab
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    AddRemove-Audacity 1.3 Beta (Unicode)_is1 - c:\program files\Audacity 1.3 Beta (Unicode)\unins000.exe
    AddRemove-CounterStrike 1.6 from VSI (Version 1.02) - c:\progra~1\Valve\CSTRIK~1.6\UNWISE.EXE
    AddRemove-Halo - c:\program files\Microsoft Games\Halo\UNINSTAL.EXE
    AddRemove-100%Naruto v2.5 - c:\documents and settings\HP_Administrateur.NOM-FB9B15D2723\Bureau\Uninstal.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-11-02 21:24
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, http://www.gmer.net
    Windows 5.1.2600 Disk: ST3250823AS rev.3.03 -> \Device\Ide\IdePort0

    device: opened successfully
    user: MBR read successfully
    called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x86E4FEC5]<<
    _asm { PUSH EBP; MOV EBP, ESP; SUB ESP, 0x1c; PUSH EBX; PUSH ESI; MOV DWORD [EBP-0x4], 0x85f15872; SUB DWORD [EBP-0x4], 0x85f1512e; PUSH EDI; CALL 0xffffffffffffdf33; }
    1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x86EBFAB8]
    3 CLASSPNP[0xF7530FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000075[0x86EC7F18]
    5 ACPI[0xF729B620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x86F32D98]
    [0x86F2F240] -> IRP_MJ_CREATE -> 0x86E4FEC5
    kernel: MBR read successfully
    _asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x5c; }
    detected hooks:
    \Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskST3250823AS_____________________________3.03____#5&1e0f25ad&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
    \Driver\atapi DriverStartIo -> 0x86E4FAEA
    user & kernel MBR OK
    sectors 488397166 (+255): user != kernel
    Warning: possible TDL3 rootkit infection !

    Filesystem trace:
    called modules: ntkrnlpa.exe hal.dll fltmgr.sys avgntflt.sys bb-run.sys sr.sys >>UNKNOWN [0x86FD41F8]<<
    _asm { MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX; PUSH 0x86fd4008; MOV EAX, 0xf72edd40; CALL EAX; }
    1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x86281D28]
    3 fltmgr[0xF70F2E95] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x86E31E80]
    5 bb-run[0xF75447E1] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x86F2CB38]
    7 sr[0xF70E2870] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x86F32020]
    \FileSystem\Ntfs[0x86E2F4B0] -> IRP_MJ_CREATE -> 0x86FD41F8

    Registry trace:
    called modules: ntkrnlpa.exe spor.sys hal.dll >>UNKNOWN [0x86F878B0]<<
    _asm { PUSH EBP; MOV EBP, ESP; JMP 0xfffffffff9633bd7; }

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\EverestDriver]
    "ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f8,d7,a2,76,23,8d,5d,4f,9e,44,a6,\
    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f8,d7,a2,76,23,8d,5d,4f,9e,44,a6,\

    [HKEY_USERS\S-1-5-21-1383797886-225924082-2662260845-1007\Software\SecuROM\License information*]
    "datasecu"=hex:D 2,38,21,1f,2a,0a,96,e7,cb,24,40,1a,07,6d,22,7f,94,e8,bf,02,fc,
    5b,40,be,e4,78,0e,1c,41,41,f9,15,78,ac,57,0c,11,50,6e,a9,a4,f3,bf,e8,1b,33,\
    "rkeysecu"=hex:4e,6f,39,48,07,71,f3,1f,b2,25,fa,e1,27,d2,09,aa

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(728)
    c:\windows\system32\Ati2evxx.dll

    - - - - - - - > 'explorer.exe'(3780)
    c:\windows\system32\eappprxy.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\windows\system32\Ati2evxx.exe
    c:\windows\system32\Ati2evxx.exe
    c:\program files\Avira\AntiVir Desktop\avguard.exe
    c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\windows\arservice.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\windows\ehome\mcrdsvc.exe
    c:\windows\system32\wscntfy.exe
    c:\windows\ARPWRMSG.EXE
    c:\program files\ATI Technologies\ATI.ACE\CLI.EXE
    c:\windows\SOUNDMAN.EXE
    c:\program files\Orange\Connexion Internet Orange\Launcher\Launcher.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
    c:\program files\ATI Technologies\ATI.ACE\cli.exe
    c:\program files\Inventel\Gateway\wlancfg.exe
    .
    **************************************************************************
    .
    Heure de fin: 2010-11-02 21:34:46 - La machine a redémarré
    ComboFix-quarantined-files.txt 2010-11-02 20:34
    ComboFix2.txt 2009-05-01 22:41
    ComboFix3.txt 2009-04-28 18:52

    Avant-CF: 7 417 741 312 octets libres
    Après-CF: 9 357 025 280 octets libres

    WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

    Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=,1,2,3,4
    - - End Of File - - 6733C6B3EE89BE531635E6418F5F8512
    3 November 2010 13:02:57

    Hello again, I just received this alert from Antivir a moment ago:

    "Dans le fichier 'C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP285\A0321583.dll'
    un virus ou un programme indésirable 'TR/Alureon.EC.79' [trojan] a été détecté."
    3 November 2010 23:21:27

    Are you still having problems?
    4 November 2010 19:30:32

    Good evening, actually I got this recently:

    "Dans le fichier 'C:\System Volume Information\_restore{512DF77D-45B5-4AE1-9C2A-EC48B0F584C1}\RP285\A0321583.dll'
    un virus ou un programme indésirable 'TR/Alureon.EC.79' [trojan] a été détecté."

    And I have nothing in quarantine.

    Also, I still have the Generic Host Process for Win32 error.